2025-12-29 10:03:27 +08:00
|
|
|
// Code generated by ent, DO NOT EDIT.
|
|
|
|
|
|
|
|
|
|
package ent
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"entgo.io/ent"
|
|
|
|
|
"entgo.io/ent/dialect/sql"
|
|
|
|
|
"github.com/Wei-Shaw/sub2api/ent/user"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// User is the model entity for the User schema.
|
|
|
|
|
type User struct {
|
|
|
|
|
config `json:"-"`
|
|
|
|
|
// ID of the ent.
|
|
|
|
|
ID int64 `json:"id,omitempty"`
|
|
|
|
|
// CreatedAt holds the value of the "created_at" field.
|
|
|
|
|
CreatedAt time.Time `json:"created_at,omitempty"`
|
|
|
|
|
// UpdatedAt holds the value of the "updated_at" field.
|
|
|
|
|
UpdatedAt time.Time `json:"updated_at,omitempty"`
|
|
|
|
|
// DeletedAt holds the value of the "deleted_at" field.
|
|
|
|
|
DeletedAt *time.Time `json:"deleted_at,omitempty"`
|
|
|
|
|
// Email holds the value of the "email" field.
|
|
|
|
|
Email string `json:"email,omitempty"`
|
|
|
|
|
// PasswordHash holds the value of the "password_hash" field.
|
|
|
|
|
PasswordHash string `json:"password_hash,omitempty"`
|
|
|
|
|
// Role holds the value of the "role" field.
|
|
|
|
|
Role string `json:"role,omitempty"`
|
|
|
|
|
// Balance holds the value of the "balance" field.
|
|
|
|
|
Balance float64 `json:"balance,omitempty"`
|
|
|
|
|
// Concurrency holds the value of the "concurrency" field.
|
|
|
|
|
Concurrency int `json:"concurrency,omitempty"`
|
|
|
|
|
// Status holds the value of the "status" field.
|
|
|
|
|
Status string `json:"status,omitempty"`
|
|
|
|
|
// Username holds the value of the "username" field.
|
|
|
|
|
Username string `json:"username,omitempty"`
|
|
|
|
|
// Notes holds the value of the "notes" field.
|
|
|
|
|
Notes string `json:"notes,omitempty"`
|
|
|
|
|
// Edges holds the relations/edges for other nodes in the graph.
|
|
|
|
|
// The values are being populated by the UserQuery when eager-loading is set.
|
|
|
|
|
Edges UserEdges `json:"edges"`
|
|
|
|
|
selectValues sql.SelectValues
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// UserEdges holds the relations/edges for other nodes in the graph.
|
|
|
|
|
type UserEdges struct {
|
|
|
|
|
// APIKeys holds the value of the api_keys edge.
|
运维监控系统安全加固和功能优化 (#21)
* fix(ops): 修复运维监控系统的关键安全和稳定性问题
## 修复内容
### P0 严重问题
1. **DNS Rebinding防护** (ops_alert_service.go)
- 实现IP钉住机制防止验证后的DNS rebinding攻击
- 自定义Transport.DialContext强制只允许拨号到验证过的公网IP
- 扩展IP黑名单,包括云metadata地址(169.254.169.254)
- 添加完整的单元测试覆盖
2. **OpsAlertService生命周期管理** (wire.go)
- 在ProvideOpsMetricsCollector中添加opsAlertService.Start()调用
- 确保stopCtx正确初始化,避免nil指针问题
- 实现防御式启动,保证服务启动顺序
3. **数据库查询排序** (ops_repo.go)
- 在ListRecentSystemMetrics中添加显式ORDER BY updated_at DESC, id DESC
- 在GetLatestSystemMetric中添加排序保证
- 避免数据库返回顺序不确定导致告警误判
### P1 重要问题
4. **并发安全** (ops_metrics_collector.go)
- 为lastGCPauseTotal字段添加sync.Mutex保护
- 防止数据竞争
5. **Goroutine泄漏** (ops_error_logger.go)
- 实现worker pool模式限制并发goroutine数量
- 使用256容量缓冲队列和10个固定worker
- 非阻塞投递,队列满时丢弃任务
6. **生命周期控制** (ops_alert_service.go)
- 添加Start/Stop方法实现优雅关闭
- 使用context控制goroutine生命周期
- 实现WaitGroup等待后台任务完成
7. **Webhook URL验证** (ops_alert_service.go)
- 防止SSRF攻击:验证scheme、禁止内网IP
- DNS解析验证,拒绝解析到私有IP的域名
- 添加8个单元测试覆盖各种攻击场景
8. **资源泄漏** (ops_repo.go)
- 修复多处defer rows.Close()问题
- 简化冗余的defer func()包装
9. **HTTP超时控制** (ops_alert_service.go)
- 创建带10秒超时的http.Client
- 添加buildWebhookHTTPClient辅助函数
- 防止HTTP请求无限期挂起
10. **数据库查询优化** (ops_repo.go)
- 将GetWindowStats的4次独立查询合并为1次CTE查询
- 减少网络往返和表扫描次数
- 显著提升性能
11. **重试机制** (ops_alert_service.go)
- 实现邮件发送重试:最多3次,指数退避(1s/2s/4s)
- 添加webhook备用通道
- 实现完整的错误处理和日志记录
12. **魔法数字** (ops_repo.go, ops_metrics_collector.go)
- 提取硬编码数字为有意义的常量
- 提高代码可读性和可维护性
## 测试验证
- ✅ go test ./internal/service -tags opsalert_unit 通过
- ✅ 所有webhook验证测试通过
- ✅ 重试机制测试通过
## 影响范围
- 运维监控系统安全性显著提升
- 系统稳定性和性能优化
- 无破坏性变更,向后兼容
* feat(ops): 运维监控系统V2 - 完整实现
## 核心功能
- 运维监控仪表盘V2(实时监控、历史趋势、告警管理)
- WebSocket实时QPS/TPS监控(30s心跳,自动重连)
- 系统指标采集(CPU、内存、延迟、错误率等)
- 多维度统计分析(按provider、model、user等维度)
- 告警规则管理(阈值配置、通知渠道)
- 错误日志追踪(详细错误信息、堆栈跟踪)
## 数据库Schema (Migration 025)
### 扩展现有表
- ops_system_metrics: 新增RED指标、错误分类、延迟指标、资源指标、业务指标
- ops_alert_rules: 新增JSONB字段(dimension_filters, notify_channels, notify_config)
### 新增表
- ops_dimension_stats: 多维度统计数据
- ops_data_retention_config: 数据保留策略配置
### 新增视图和函数
- ops_latest_metrics: 最新1分钟窗口指标(已修复字段名和window过滤)
- ops_active_alerts: 当前活跃告警(已修复字段名和状态值)
- calculate_health_score: 健康分数计算函数
## 一致性修复(98/100分)
### P0级别(阻塞Migration)
- ✅ 修复ops_latest_metrics视图字段名(latency_p99→p99_latency_ms, cpu_usage→cpu_usage_percent)
- ✅ 修复ops_active_alerts视图字段名(metric→metric_type, triggered_at→fired_at, trigger_value→metric_value, threshold→threshold_value)
- ✅ 统一告警历史表名(删除ops_alert_history,使用ops_alert_events)
- ✅ 统一API参数限制(ListMetricsHistory和ListErrorLogs的limit改为5000)
### P1级别(功能完整性)
- ✅ 修复ops_latest_metrics视图未过滤window_minutes(添加WHERE m.window_minutes = 1)
- ✅ 修复数据回填UPDATE逻辑(QPS计算改为request_count/(window_minutes*60.0))
- ✅ 添加ops_alert_rules JSONB字段后端支持(Go结构体+序列化)
### P2级别(优化)
- ✅ 前端WebSocket自动重连(指数退避1s→2s→4s→8s→16s,最大5次)
- ✅ 后端WebSocket心跳检测(30s ping,60s pong超时)
## 技术实现
### 后端 (Go)
- Handler层: ops_handler.go(REST API), ops_ws_handler.go(WebSocket)
- Service层: ops_service.go(核心逻辑), ops_cache.go(缓存), ops_alerts.go(告警)
- Repository层: ops_repo.go(数据访问), ops.go(模型定义)
- 路由: admin.go(新增ops相关路由)
- 依赖注入: wire_gen.go(自动生成)
### 前端 (Vue3 + TypeScript)
- 组件: OpsDashboardV2.vue(仪表盘主组件)
- API: ops.ts(REST API + WebSocket封装)
- 路由: index.ts(新增/admin/ops路由)
- 国际化: en.ts, zh.ts(中英文支持)
## 测试验证
- ✅ 所有Go测试通过
- ✅ Migration可正常执行
- ✅ WebSocket连接稳定
- ✅ 前后端数据结构对齐
* refactor: 代码清理和测试优化
## 测试文件优化
- 简化integration test fixtures和断言
- 优化test helper函数
- 统一测试数据格式
## 代码清理
- 移除未使用的代码和注释
- 简化concurrency_cache实现
- 优化middleware错误处理
## 小修复
- 修复gateway_handler和openai_gateway_handler的小问题
- 统一代码风格和格式
变更统计: 27个文件,292行新增,322行删除(净减少30行)
* fix(ops): 运维监控系统安全加固和功能优化
## 安全增强
- feat(security): WebSocket日志脱敏机制,防止token/api_key泄露
- feat(security): X-Forwarded-Host白名单验证,防止CSRF绕过
- feat(security): Origin策略配置化,支持strict/permissive模式
- feat(auth): WebSocket认证支持query参数传递token
## 配置优化
- feat(config): 支持环境变量配置代理信任和Origin策略
- OPS_WS_TRUST_PROXY
- OPS_WS_TRUSTED_PROXIES
- OPS_WS_ORIGIN_POLICY
- fix(ops): 错误日志查询限流从5000降至500,优化内存使用
## 架构改进
- refactor(ops): 告警服务解耦,独立运行评估定时器
- refactor(ops): OpsDashboard统一版本,移除V2分离
## 测试和文档
- test(ops): 添加WebSocket安全验证单元测试(8个测试用例)
- test(ops): 添加告警服务集成测试
- docs(api): 更新API文档,标注限流变更
- docs: 添加CHANGELOG记录breaking changes
## 修复文件
Backend:
- backend/internal/server/middleware/logger.go
- backend/internal/handler/admin/ops_handler.go
- backend/internal/handler/admin/ops_ws_handler.go
- backend/internal/server/middleware/admin_auth.go
- backend/internal/service/ops_alert_service.go
- backend/internal/service/ops_metrics_collector.go
- backend/internal/service/wire.go
Frontend:
- frontend/src/views/admin/ops/OpsDashboard.vue
- frontend/src/router/index.ts
- frontend/src/api/admin/ops.ts
Tests:
- backend/internal/handler/admin/ops_ws_handler_test.go (新增)
- backend/internal/service/ops_alert_service_integration_test.go (新增)
Docs:
- CHANGELOG.md (新增)
- docs/API-运维监控中心2.0.md (更新)
* fix(migrations): 修复calculate_health_score函数类型匹配问题
在ops_latest_metrics视图中添加显式类型转换,确保参数类型与函数签名匹配
* fix(lint): 修复golangci-lint检查发现的所有问题
- 将Redis依赖从service层移到repository层
- 添加错误检查(WebSocket连接和读取超时)
- 运行gofmt格式化代码
- 添加nil指针检查
- 删除未使用的alertService字段
修复问题:
- depguard: 3个(service层不应直接import redis)
- errcheck: 3个(未检查错误返回值)
- gofmt: 2个(代码格式问题)
- staticcheck: 4个(nil指针解引用)
- unused: 1个(未使用字段)
代码统计:
- 修改文件:11个
- 删除代码:490行
- 新增代码:105行
- 净减少:385行
2026-01-02 20:01:12 +08:00
|
|
|
APIKeys []*APIKey `json:"api_keys,omitempty"`
|
2025-12-29 10:03:27 +08:00
|
|
|
// RedeemCodes holds the value of the redeem_codes edge.
|
|
|
|
|
RedeemCodes []*RedeemCode `json:"redeem_codes,omitempty"`
|
|
|
|
|
// Subscriptions holds the value of the subscriptions edge.
|
|
|
|
|
Subscriptions []*UserSubscription `json:"subscriptions,omitempty"`
|
|
|
|
|
// AssignedSubscriptions holds the value of the assigned_subscriptions edge.
|
|
|
|
|
AssignedSubscriptions []*UserSubscription `json:"assigned_subscriptions,omitempty"`
|
|
|
|
|
// AllowedGroups holds the value of the allowed_groups edge.
|
|
|
|
|
AllowedGroups []*Group `json:"allowed_groups,omitempty"`
|
2025-12-31 14:11:57 +08:00
|
|
|
// UsageLogs holds the value of the usage_logs edge.
|
|
|
|
|
UsageLogs []*UsageLog `json:"usage_logs,omitempty"`
|
2026-01-01 18:59:38 +08:00
|
|
|
// AttributeValues holds the value of the attribute_values edge.
|
|
|
|
|
AttributeValues []*UserAttributeValue `json:"attribute_values,omitempty"`
|
2025-12-29 10:03:27 +08:00
|
|
|
// UserAllowedGroups holds the value of the user_allowed_groups edge.
|
|
|
|
|
UserAllowedGroups []*UserAllowedGroup `json:"user_allowed_groups,omitempty"`
|
|
|
|
|
// loadedTypes holds the information for reporting if a
|
|
|
|
|
// type was loaded (or requested) in eager-loading or not.
|
2026-01-01 18:59:38 +08:00
|
|
|
loadedTypes [8]bool
|
2025-12-29 10:03:27 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// APIKeysOrErr returns the APIKeys value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
运维监控系统安全加固和功能优化 (#21)
* fix(ops): 修复运维监控系统的关键安全和稳定性问题
## 修复内容
### P0 严重问题
1. **DNS Rebinding防护** (ops_alert_service.go)
- 实现IP钉住机制防止验证后的DNS rebinding攻击
- 自定义Transport.DialContext强制只允许拨号到验证过的公网IP
- 扩展IP黑名单,包括云metadata地址(169.254.169.254)
- 添加完整的单元测试覆盖
2. **OpsAlertService生命周期管理** (wire.go)
- 在ProvideOpsMetricsCollector中添加opsAlertService.Start()调用
- 确保stopCtx正确初始化,避免nil指针问题
- 实现防御式启动,保证服务启动顺序
3. **数据库查询排序** (ops_repo.go)
- 在ListRecentSystemMetrics中添加显式ORDER BY updated_at DESC, id DESC
- 在GetLatestSystemMetric中添加排序保证
- 避免数据库返回顺序不确定导致告警误判
### P1 重要问题
4. **并发安全** (ops_metrics_collector.go)
- 为lastGCPauseTotal字段添加sync.Mutex保护
- 防止数据竞争
5. **Goroutine泄漏** (ops_error_logger.go)
- 实现worker pool模式限制并发goroutine数量
- 使用256容量缓冲队列和10个固定worker
- 非阻塞投递,队列满时丢弃任务
6. **生命周期控制** (ops_alert_service.go)
- 添加Start/Stop方法实现优雅关闭
- 使用context控制goroutine生命周期
- 实现WaitGroup等待后台任务完成
7. **Webhook URL验证** (ops_alert_service.go)
- 防止SSRF攻击:验证scheme、禁止内网IP
- DNS解析验证,拒绝解析到私有IP的域名
- 添加8个单元测试覆盖各种攻击场景
8. **资源泄漏** (ops_repo.go)
- 修复多处defer rows.Close()问题
- 简化冗余的defer func()包装
9. **HTTP超时控制** (ops_alert_service.go)
- 创建带10秒超时的http.Client
- 添加buildWebhookHTTPClient辅助函数
- 防止HTTP请求无限期挂起
10. **数据库查询优化** (ops_repo.go)
- 将GetWindowStats的4次独立查询合并为1次CTE查询
- 减少网络往返和表扫描次数
- 显著提升性能
11. **重试机制** (ops_alert_service.go)
- 实现邮件发送重试:最多3次,指数退避(1s/2s/4s)
- 添加webhook备用通道
- 实现完整的错误处理和日志记录
12. **魔法数字** (ops_repo.go, ops_metrics_collector.go)
- 提取硬编码数字为有意义的常量
- 提高代码可读性和可维护性
## 测试验证
- ✅ go test ./internal/service -tags opsalert_unit 通过
- ✅ 所有webhook验证测试通过
- ✅ 重试机制测试通过
## 影响范围
- 运维监控系统安全性显著提升
- 系统稳定性和性能优化
- 无破坏性变更,向后兼容
* feat(ops): 运维监控系统V2 - 完整实现
## 核心功能
- 运维监控仪表盘V2(实时监控、历史趋势、告警管理)
- WebSocket实时QPS/TPS监控(30s心跳,自动重连)
- 系统指标采集(CPU、内存、延迟、错误率等)
- 多维度统计分析(按provider、model、user等维度)
- 告警规则管理(阈值配置、通知渠道)
- 错误日志追踪(详细错误信息、堆栈跟踪)
## 数据库Schema (Migration 025)
### 扩展现有表
- ops_system_metrics: 新增RED指标、错误分类、延迟指标、资源指标、业务指标
- ops_alert_rules: 新增JSONB字段(dimension_filters, notify_channels, notify_config)
### 新增表
- ops_dimension_stats: 多维度统计数据
- ops_data_retention_config: 数据保留策略配置
### 新增视图和函数
- ops_latest_metrics: 最新1分钟窗口指标(已修复字段名和window过滤)
- ops_active_alerts: 当前活跃告警(已修复字段名和状态值)
- calculate_health_score: 健康分数计算函数
## 一致性修复(98/100分)
### P0级别(阻塞Migration)
- ✅ 修复ops_latest_metrics视图字段名(latency_p99→p99_latency_ms, cpu_usage→cpu_usage_percent)
- ✅ 修复ops_active_alerts视图字段名(metric→metric_type, triggered_at→fired_at, trigger_value→metric_value, threshold→threshold_value)
- ✅ 统一告警历史表名(删除ops_alert_history,使用ops_alert_events)
- ✅ 统一API参数限制(ListMetricsHistory和ListErrorLogs的limit改为5000)
### P1级别(功能完整性)
- ✅ 修复ops_latest_metrics视图未过滤window_minutes(添加WHERE m.window_minutes = 1)
- ✅ 修复数据回填UPDATE逻辑(QPS计算改为request_count/(window_minutes*60.0))
- ✅ 添加ops_alert_rules JSONB字段后端支持(Go结构体+序列化)
### P2级别(优化)
- ✅ 前端WebSocket自动重连(指数退避1s→2s→4s→8s→16s,最大5次)
- ✅ 后端WebSocket心跳检测(30s ping,60s pong超时)
## 技术实现
### 后端 (Go)
- Handler层: ops_handler.go(REST API), ops_ws_handler.go(WebSocket)
- Service层: ops_service.go(核心逻辑), ops_cache.go(缓存), ops_alerts.go(告警)
- Repository层: ops_repo.go(数据访问), ops.go(模型定义)
- 路由: admin.go(新增ops相关路由)
- 依赖注入: wire_gen.go(自动生成)
### 前端 (Vue3 + TypeScript)
- 组件: OpsDashboardV2.vue(仪表盘主组件)
- API: ops.ts(REST API + WebSocket封装)
- 路由: index.ts(新增/admin/ops路由)
- 国际化: en.ts, zh.ts(中英文支持)
## 测试验证
- ✅ 所有Go测试通过
- ✅ Migration可正常执行
- ✅ WebSocket连接稳定
- ✅ 前后端数据结构对齐
* refactor: 代码清理和测试优化
## 测试文件优化
- 简化integration test fixtures和断言
- 优化test helper函数
- 统一测试数据格式
## 代码清理
- 移除未使用的代码和注释
- 简化concurrency_cache实现
- 优化middleware错误处理
## 小修复
- 修复gateway_handler和openai_gateway_handler的小问题
- 统一代码风格和格式
变更统计: 27个文件,292行新增,322行删除(净减少30行)
* fix(ops): 运维监控系统安全加固和功能优化
## 安全增强
- feat(security): WebSocket日志脱敏机制,防止token/api_key泄露
- feat(security): X-Forwarded-Host白名单验证,防止CSRF绕过
- feat(security): Origin策略配置化,支持strict/permissive模式
- feat(auth): WebSocket认证支持query参数传递token
## 配置优化
- feat(config): 支持环境变量配置代理信任和Origin策略
- OPS_WS_TRUST_PROXY
- OPS_WS_TRUSTED_PROXIES
- OPS_WS_ORIGIN_POLICY
- fix(ops): 错误日志查询限流从5000降至500,优化内存使用
## 架构改进
- refactor(ops): 告警服务解耦,独立运行评估定时器
- refactor(ops): OpsDashboard统一版本,移除V2分离
## 测试和文档
- test(ops): 添加WebSocket安全验证单元测试(8个测试用例)
- test(ops): 添加告警服务集成测试
- docs(api): 更新API文档,标注限流变更
- docs: 添加CHANGELOG记录breaking changes
## 修复文件
Backend:
- backend/internal/server/middleware/logger.go
- backend/internal/handler/admin/ops_handler.go
- backend/internal/handler/admin/ops_ws_handler.go
- backend/internal/server/middleware/admin_auth.go
- backend/internal/service/ops_alert_service.go
- backend/internal/service/ops_metrics_collector.go
- backend/internal/service/wire.go
Frontend:
- frontend/src/views/admin/ops/OpsDashboard.vue
- frontend/src/router/index.ts
- frontend/src/api/admin/ops.ts
Tests:
- backend/internal/handler/admin/ops_ws_handler_test.go (新增)
- backend/internal/service/ops_alert_service_integration_test.go (新增)
Docs:
- CHANGELOG.md (新增)
- docs/API-运维监控中心2.0.md (更新)
* fix(migrations): 修复calculate_health_score函数类型匹配问题
在ops_latest_metrics视图中添加显式类型转换,确保参数类型与函数签名匹配
* fix(lint): 修复golangci-lint检查发现的所有问题
- 将Redis依赖从service层移到repository层
- 添加错误检查(WebSocket连接和读取超时)
- 运行gofmt格式化代码
- 添加nil指针检查
- 删除未使用的alertService字段
修复问题:
- depguard: 3个(service层不应直接import redis)
- errcheck: 3个(未检查错误返回值)
- gofmt: 2个(代码格式问题)
- staticcheck: 4个(nil指针解引用)
- unused: 1个(未使用字段)
代码统计:
- 修改文件:11个
- 删除代码:490行
- 新增代码:105行
- 净减少:385行
2026-01-02 20:01:12 +08:00
|
|
|
func (e UserEdges) APIKeysOrErr() ([]*APIKey, error) {
|
2025-12-29 10:03:27 +08:00
|
|
|
if e.loadedTypes[0] {
|
|
|
|
|
return e.APIKeys, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "api_keys"}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// RedeemCodesOrErr returns the RedeemCodes value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
|
|
|
|
func (e UserEdges) RedeemCodesOrErr() ([]*RedeemCode, error) {
|
|
|
|
|
if e.loadedTypes[1] {
|
|
|
|
|
return e.RedeemCodes, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "redeem_codes"}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// SubscriptionsOrErr returns the Subscriptions value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
|
|
|
|
func (e UserEdges) SubscriptionsOrErr() ([]*UserSubscription, error) {
|
|
|
|
|
if e.loadedTypes[2] {
|
|
|
|
|
return e.Subscriptions, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "subscriptions"}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// AssignedSubscriptionsOrErr returns the AssignedSubscriptions value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
|
|
|
|
func (e UserEdges) AssignedSubscriptionsOrErr() ([]*UserSubscription, error) {
|
|
|
|
|
if e.loadedTypes[3] {
|
|
|
|
|
return e.AssignedSubscriptions, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "assigned_subscriptions"}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// AllowedGroupsOrErr returns the AllowedGroups value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
|
|
|
|
func (e UserEdges) AllowedGroupsOrErr() ([]*Group, error) {
|
|
|
|
|
if e.loadedTypes[4] {
|
|
|
|
|
return e.AllowedGroups, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "allowed_groups"}
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-31 14:11:57 +08:00
|
|
|
// UsageLogsOrErr returns the UsageLogs value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
|
|
|
|
func (e UserEdges) UsageLogsOrErr() ([]*UsageLog, error) {
|
|
|
|
|
if e.loadedTypes[5] {
|
|
|
|
|
return e.UsageLogs, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "usage_logs"}
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-01 18:59:38 +08:00
|
|
|
// AttributeValuesOrErr returns the AttributeValues value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
|
|
|
|
func (e UserEdges) AttributeValuesOrErr() ([]*UserAttributeValue, error) {
|
|
|
|
|
if e.loadedTypes[6] {
|
|
|
|
|
return e.AttributeValues, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "attribute_values"}
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-29 10:03:27 +08:00
|
|
|
// UserAllowedGroupsOrErr returns the UserAllowedGroups value or an error if the edge
|
|
|
|
|
// was not loaded in eager-loading.
|
|
|
|
|
func (e UserEdges) UserAllowedGroupsOrErr() ([]*UserAllowedGroup, error) {
|
2026-01-01 18:59:38 +08:00
|
|
|
if e.loadedTypes[7] {
|
2025-12-29 10:03:27 +08:00
|
|
|
return e.UserAllowedGroups, nil
|
|
|
|
|
}
|
|
|
|
|
return nil, &NotLoadedError{edge: "user_allowed_groups"}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// scanValues returns the types for scanning values from sql.Rows.
|
|
|
|
|
func (*User) scanValues(columns []string) ([]any, error) {
|
|
|
|
|
values := make([]any, len(columns))
|
|
|
|
|
for i := range columns {
|
|
|
|
|
switch columns[i] {
|
|
|
|
|
case user.FieldBalance:
|
|
|
|
|
values[i] = new(sql.NullFloat64)
|
|
|
|
|
case user.FieldID, user.FieldConcurrency:
|
|
|
|
|
values[i] = new(sql.NullInt64)
|
2026-01-01 18:59:38 +08:00
|
|
|
case user.FieldEmail, user.FieldPasswordHash, user.FieldRole, user.FieldStatus, user.FieldUsername, user.FieldNotes:
|
2025-12-29 10:03:27 +08:00
|
|
|
values[i] = new(sql.NullString)
|
|
|
|
|
case user.FieldCreatedAt, user.FieldUpdatedAt, user.FieldDeletedAt:
|
|
|
|
|
values[i] = new(sql.NullTime)
|
|
|
|
|
default:
|
|
|
|
|
values[i] = new(sql.UnknownType)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return values, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// assignValues assigns the values that were returned from sql.Rows (after scanning)
|
|
|
|
|
// to the User fields.
|
|
|
|
|
func (_m *User) assignValues(columns []string, values []any) error {
|
|
|
|
|
if m, n := len(values), len(columns); m < n {
|
|
|
|
|
return fmt.Errorf("mismatch number of scan values: %d != %d", m, n)
|
|
|
|
|
}
|
|
|
|
|
for i := range columns {
|
|
|
|
|
switch columns[i] {
|
|
|
|
|
case user.FieldID:
|
|
|
|
|
value, ok := values[i].(*sql.NullInt64)
|
|
|
|
|
if !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field id", value)
|
|
|
|
|
}
|
|
|
|
|
_m.ID = int64(value.Int64)
|
|
|
|
|
case user.FieldCreatedAt:
|
|
|
|
|
if value, ok := values[i].(*sql.NullTime); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field created_at", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.CreatedAt = value.Time
|
|
|
|
|
}
|
|
|
|
|
case user.FieldUpdatedAt:
|
|
|
|
|
if value, ok := values[i].(*sql.NullTime); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field updated_at", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.UpdatedAt = value.Time
|
|
|
|
|
}
|
|
|
|
|
case user.FieldDeletedAt:
|
|
|
|
|
if value, ok := values[i].(*sql.NullTime); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field deleted_at", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.DeletedAt = new(time.Time)
|
|
|
|
|
*_m.DeletedAt = value.Time
|
|
|
|
|
}
|
|
|
|
|
case user.FieldEmail:
|
|
|
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field email", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.Email = value.String
|
|
|
|
|
}
|
|
|
|
|
case user.FieldPasswordHash:
|
|
|
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field password_hash", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.PasswordHash = value.String
|
|
|
|
|
}
|
|
|
|
|
case user.FieldRole:
|
|
|
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field role", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.Role = value.String
|
|
|
|
|
}
|
|
|
|
|
case user.FieldBalance:
|
|
|
|
|
if value, ok := values[i].(*sql.NullFloat64); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field balance", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.Balance = value.Float64
|
|
|
|
|
}
|
|
|
|
|
case user.FieldConcurrency:
|
|
|
|
|
if value, ok := values[i].(*sql.NullInt64); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field concurrency", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.Concurrency = int(value.Int64)
|
|
|
|
|
}
|
|
|
|
|
case user.FieldStatus:
|
|
|
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field status", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.Status = value.String
|
|
|
|
|
}
|
|
|
|
|
case user.FieldUsername:
|
|
|
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field username", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.Username = value.String
|
|
|
|
|
}
|
|
|
|
|
case user.FieldNotes:
|
|
|
|
|
if value, ok := values[i].(*sql.NullString); !ok {
|
|
|
|
|
return fmt.Errorf("unexpected type %T for field notes", values[i])
|
|
|
|
|
} else if value.Valid {
|
|
|
|
|
_m.Notes = value.String
|
|
|
|
|
}
|
|
|
|
|
default:
|
|
|
|
|
_m.selectValues.Set(columns[i], values[i])
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Value returns the ent.Value that was dynamically selected and assigned to the User.
|
|
|
|
|
// This includes values selected through modifiers, order, etc.
|
|
|
|
|
func (_m *User) Value(name string) (ent.Value, error) {
|
|
|
|
|
return _m.selectValues.Get(name)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// QueryAPIKeys queries the "api_keys" edge of the User entity.
|
运维监控系统安全加固和功能优化 (#21)
* fix(ops): 修复运维监控系统的关键安全和稳定性问题
## 修复内容
### P0 严重问题
1. **DNS Rebinding防护** (ops_alert_service.go)
- 实现IP钉住机制防止验证后的DNS rebinding攻击
- 自定义Transport.DialContext强制只允许拨号到验证过的公网IP
- 扩展IP黑名单,包括云metadata地址(169.254.169.254)
- 添加完整的单元测试覆盖
2. **OpsAlertService生命周期管理** (wire.go)
- 在ProvideOpsMetricsCollector中添加opsAlertService.Start()调用
- 确保stopCtx正确初始化,避免nil指针问题
- 实现防御式启动,保证服务启动顺序
3. **数据库查询排序** (ops_repo.go)
- 在ListRecentSystemMetrics中添加显式ORDER BY updated_at DESC, id DESC
- 在GetLatestSystemMetric中添加排序保证
- 避免数据库返回顺序不确定导致告警误判
### P1 重要问题
4. **并发安全** (ops_metrics_collector.go)
- 为lastGCPauseTotal字段添加sync.Mutex保护
- 防止数据竞争
5. **Goroutine泄漏** (ops_error_logger.go)
- 实现worker pool模式限制并发goroutine数量
- 使用256容量缓冲队列和10个固定worker
- 非阻塞投递,队列满时丢弃任务
6. **生命周期控制** (ops_alert_service.go)
- 添加Start/Stop方法实现优雅关闭
- 使用context控制goroutine生命周期
- 实现WaitGroup等待后台任务完成
7. **Webhook URL验证** (ops_alert_service.go)
- 防止SSRF攻击:验证scheme、禁止内网IP
- DNS解析验证,拒绝解析到私有IP的域名
- 添加8个单元测试覆盖各种攻击场景
8. **资源泄漏** (ops_repo.go)
- 修复多处defer rows.Close()问题
- 简化冗余的defer func()包装
9. **HTTP超时控制** (ops_alert_service.go)
- 创建带10秒超时的http.Client
- 添加buildWebhookHTTPClient辅助函数
- 防止HTTP请求无限期挂起
10. **数据库查询优化** (ops_repo.go)
- 将GetWindowStats的4次独立查询合并为1次CTE查询
- 减少网络往返和表扫描次数
- 显著提升性能
11. **重试机制** (ops_alert_service.go)
- 实现邮件发送重试:最多3次,指数退避(1s/2s/4s)
- 添加webhook备用通道
- 实现完整的错误处理和日志记录
12. **魔法数字** (ops_repo.go, ops_metrics_collector.go)
- 提取硬编码数字为有意义的常量
- 提高代码可读性和可维护性
## 测试验证
- ✅ go test ./internal/service -tags opsalert_unit 通过
- ✅ 所有webhook验证测试通过
- ✅ 重试机制测试通过
## 影响范围
- 运维监控系统安全性显著提升
- 系统稳定性和性能优化
- 无破坏性变更,向后兼容
* feat(ops): 运维监控系统V2 - 完整实现
## 核心功能
- 运维监控仪表盘V2(实时监控、历史趋势、告警管理)
- WebSocket实时QPS/TPS监控(30s心跳,自动重连)
- 系统指标采集(CPU、内存、延迟、错误率等)
- 多维度统计分析(按provider、model、user等维度)
- 告警规则管理(阈值配置、通知渠道)
- 错误日志追踪(详细错误信息、堆栈跟踪)
## 数据库Schema (Migration 025)
### 扩展现有表
- ops_system_metrics: 新增RED指标、错误分类、延迟指标、资源指标、业务指标
- ops_alert_rules: 新增JSONB字段(dimension_filters, notify_channels, notify_config)
### 新增表
- ops_dimension_stats: 多维度统计数据
- ops_data_retention_config: 数据保留策略配置
### 新增视图和函数
- ops_latest_metrics: 最新1分钟窗口指标(已修复字段名和window过滤)
- ops_active_alerts: 当前活跃告警(已修复字段名和状态值)
- calculate_health_score: 健康分数计算函数
## 一致性修复(98/100分)
### P0级别(阻塞Migration)
- ✅ 修复ops_latest_metrics视图字段名(latency_p99→p99_latency_ms, cpu_usage→cpu_usage_percent)
- ✅ 修复ops_active_alerts视图字段名(metric→metric_type, triggered_at→fired_at, trigger_value→metric_value, threshold→threshold_value)
- ✅ 统一告警历史表名(删除ops_alert_history,使用ops_alert_events)
- ✅ 统一API参数限制(ListMetricsHistory和ListErrorLogs的limit改为5000)
### P1级别(功能完整性)
- ✅ 修复ops_latest_metrics视图未过滤window_minutes(添加WHERE m.window_minutes = 1)
- ✅ 修复数据回填UPDATE逻辑(QPS计算改为request_count/(window_minutes*60.0))
- ✅ 添加ops_alert_rules JSONB字段后端支持(Go结构体+序列化)
### P2级别(优化)
- ✅ 前端WebSocket自动重连(指数退避1s→2s→4s→8s→16s,最大5次)
- ✅ 后端WebSocket心跳检测(30s ping,60s pong超时)
## 技术实现
### 后端 (Go)
- Handler层: ops_handler.go(REST API), ops_ws_handler.go(WebSocket)
- Service层: ops_service.go(核心逻辑), ops_cache.go(缓存), ops_alerts.go(告警)
- Repository层: ops_repo.go(数据访问), ops.go(模型定义)
- 路由: admin.go(新增ops相关路由)
- 依赖注入: wire_gen.go(自动生成)
### 前端 (Vue3 + TypeScript)
- 组件: OpsDashboardV2.vue(仪表盘主组件)
- API: ops.ts(REST API + WebSocket封装)
- 路由: index.ts(新增/admin/ops路由)
- 国际化: en.ts, zh.ts(中英文支持)
## 测试验证
- ✅ 所有Go测试通过
- ✅ Migration可正常执行
- ✅ WebSocket连接稳定
- ✅ 前后端数据结构对齐
* refactor: 代码清理和测试优化
## 测试文件优化
- 简化integration test fixtures和断言
- 优化test helper函数
- 统一测试数据格式
## 代码清理
- 移除未使用的代码和注释
- 简化concurrency_cache实现
- 优化middleware错误处理
## 小修复
- 修复gateway_handler和openai_gateway_handler的小问题
- 统一代码风格和格式
变更统计: 27个文件,292行新增,322行删除(净减少30行)
* fix(ops): 运维监控系统安全加固和功能优化
## 安全增强
- feat(security): WebSocket日志脱敏机制,防止token/api_key泄露
- feat(security): X-Forwarded-Host白名单验证,防止CSRF绕过
- feat(security): Origin策略配置化,支持strict/permissive模式
- feat(auth): WebSocket认证支持query参数传递token
## 配置优化
- feat(config): 支持环境变量配置代理信任和Origin策略
- OPS_WS_TRUST_PROXY
- OPS_WS_TRUSTED_PROXIES
- OPS_WS_ORIGIN_POLICY
- fix(ops): 错误日志查询限流从5000降至500,优化内存使用
## 架构改进
- refactor(ops): 告警服务解耦,独立运行评估定时器
- refactor(ops): OpsDashboard统一版本,移除V2分离
## 测试和文档
- test(ops): 添加WebSocket安全验证单元测试(8个测试用例)
- test(ops): 添加告警服务集成测试
- docs(api): 更新API文档,标注限流变更
- docs: 添加CHANGELOG记录breaking changes
## 修复文件
Backend:
- backend/internal/server/middleware/logger.go
- backend/internal/handler/admin/ops_handler.go
- backend/internal/handler/admin/ops_ws_handler.go
- backend/internal/server/middleware/admin_auth.go
- backend/internal/service/ops_alert_service.go
- backend/internal/service/ops_metrics_collector.go
- backend/internal/service/wire.go
Frontend:
- frontend/src/views/admin/ops/OpsDashboard.vue
- frontend/src/router/index.ts
- frontend/src/api/admin/ops.ts
Tests:
- backend/internal/handler/admin/ops_ws_handler_test.go (新增)
- backend/internal/service/ops_alert_service_integration_test.go (新增)
Docs:
- CHANGELOG.md (新增)
- docs/API-运维监控中心2.0.md (更新)
* fix(migrations): 修复calculate_health_score函数类型匹配问题
在ops_latest_metrics视图中添加显式类型转换,确保参数类型与函数签名匹配
* fix(lint): 修复golangci-lint检查发现的所有问题
- 将Redis依赖从service层移到repository层
- 添加错误检查(WebSocket连接和读取超时)
- 运行gofmt格式化代码
- 添加nil指针检查
- 删除未使用的alertService字段
修复问题:
- depguard: 3个(service层不应直接import redis)
- errcheck: 3个(未检查错误返回值)
- gofmt: 2个(代码格式问题)
- staticcheck: 4个(nil指针解引用)
- unused: 1个(未使用字段)
代码统计:
- 修改文件:11个
- 删除代码:490行
- 新增代码:105行
- 净减少:385行
2026-01-02 20:01:12 +08:00
|
|
|
func (_m *User) QueryAPIKeys() *APIKeyQuery {
|
2025-12-29 10:03:27 +08:00
|
|
|
return NewUserClient(_m.config).QueryAPIKeys(_m)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// QueryRedeemCodes queries the "redeem_codes" edge of the User entity.
|
|
|
|
|
func (_m *User) QueryRedeemCodes() *RedeemCodeQuery {
|
|
|
|
|
return NewUserClient(_m.config).QueryRedeemCodes(_m)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// QuerySubscriptions queries the "subscriptions" edge of the User entity.
|
|
|
|
|
func (_m *User) QuerySubscriptions() *UserSubscriptionQuery {
|
|
|
|
|
return NewUserClient(_m.config).QuerySubscriptions(_m)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// QueryAssignedSubscriptions queries the "assigned_subscriptions" edge of the User entity.
|
|
|
|
|
func (_m *User) QueryAssignedSubscriptions() *UserSubscriptionQuery {
|
|
|
|
|
return NewUserClient(_m.config).QueryAssignedSubscriptions(_m)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// QueryAllowedGroups queries the "allowed_groups" edge of the User entity.
|
|
|
|
|
func (_m *User) QueryAllowedGroups() *GroupQuery {
|
|
|
|
|
return NewUserClient(_m.config).QueryAllowedGroups(_m)
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-31 14:11:57 +08:00
|
|
|
// QueryUsageLogs queries the "usage_logs" edge of the User entity.
|
|
|
|
|
func (_m *User) QueryUsageLogs() *UsageLogQuery {
|
|
|
|
|
return NewUserClient(_m.config).QueryUsageLogs(_m)
|
|
|
|
|
}
|
|
|
|
|
|
2026-01-01 18:59:38 +08:00
|
|
|
// QueryAttributeValues queries the "attribute_values" edge of the User entity.
|
|
|
|
|
func (_m *User) QueryAttributeValues() *UserAttributeValueQuery {
|
|
|
|
|
return NewUserClient(_m.config).QueryAttributeValues(_m)
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-29 10:03:27 +08:00
|
|
|
// QueryUserAllowedGroups queries the "user_allowed_groups" edge of the User entity.
|
|
|
|
|
func (_m *User) QueryUserAllowedGroups() *UserAllowedGroupQuery {
|
|
|
|
|
return NewUserClient(_m.config).QueryUserAllowedGroups(_m)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Update returns a builder for updating this User.
|
|
|
|
|
// Note that you need to call User.Unwrap() before calling this method if this User
|
|
|
|
|
// was returned from a transaction, and the transaction was committed or rolled back.
|
|
|
|
|
func (_m *User) Update() *UserUpdateOne {
|
|
|
|
|
return NewUserClient(_m.config).UpdateOne(_m)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Unwrap unwraps the User entity that was returned from a transaction after it was closed,
|
|
|
|
|
// so that all future queries will be executed through the driver which created the transaction.
|
|
|
|
|
func (_m *User) Unwrap() *User {
|
|
|
|
|
_tx, ok := _m.config.driver.(*txDriver)
|
|
|
|
|
if !ok {
|
|
|
|
|
panic("ent: User is not a transactional entity")
|
|
|
|
|
}
|
|
|
|
|
_m.config.driver = _tx.drv
|
|
|
|
|
return _m
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// String implements the fmt.Stringer.
|
|
|
|
|
func (_m *User) String() string {
|
|
|
|
|
var builder strings.Builder
|
|
|
|
|
builder.WriteString("User(")
|
|
|
|
|
builder.WriteString(fmt.Sprintf("id=%v, ", _m.ID))
|
|
|
|
|
builder.WriteString("created_at=")
|
|
|
|
|
builder.WriteString(_m.CreatedAt.Format(time.ANSIC))
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("updated_at=")
|
|
|
|
|
builder.WriteString(_m.UpdatedAt.Format(time.ANSIC))
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
if v := _m.DeletedAt; v != nil {
|
|
|
|
|
builder.WriteString("deleted_at=")
|
|
|
|
|
builder.WriteString(v.Format(time.ANSIC))
|
|
|
|
|
}
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("email=")
|
|
|
|
|
builder.WriteString(_m.Email)
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("password_hash=")
|
|
|
|
|
builder.WriteString(_m.PasswordHash)
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("role=")
|
|
|
|
|
builder.WriteString(_m.Role)
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("balance=")
|
|
|
|
|
builder.WriteString(fmt.Sprintf("%v", _m.Balance))
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("concurrency=")
|
|
|
|
|
builder.WriteString(fmt.Sprintf("%v", _m.Concurrency))
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("status=")
|
|
|
|
|
builder.WriteString(_m.Status)
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("username=")
|
|
|
|
|
builder.WriteString(_m.Username)
|
|
|
|
|
builder.WriteString(", ")
|
|
|
|
|
builder.WriteString("notes=")
|
|
|
|
|
builder.WriteString(_m.Notes)
|
|
|
|
|
builder.WriteByte(')')
|
|
|
|
|
return builder.String()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Users is a parsable slice of User.
|
|
|
|
|
type Users []*User
|